Digital Graffiti

Were teen's exploits political or personal?

The Pleasant Hill, Calif., teenager claiming to be the cracker "Pimpshiz" says he defaced more than 200 Web sites last year to protest the copyright-infringement lawsuits against Napster  but investigators contend the suspects real objective wasnt hacktivism.
Law enforcement officials accuse Robert Lyttle, a 17-year-old high school junior, of plotting to hack his way to celebrity and land a top-dollar programming gig by getting arrested for penetrating high-profile government and military Web servers.

Pimpshiz blazed an online trail of mischief last summer condemning the music industrys legal war against Napster, scrawling digital graffiti on Web sites operated by NASA, the Norway Post Online, Verizon Wireless and even musician Don Henley. The incidents began in early August when home pages for The Martin Short Show and Inside Edition were targeted in an apparent publicity stunt for Pimpshizs "Save Napster" campaign.

Security site Attrition.org mirrored 20 of the pages Pimpshiz defaced, among them those of Honda U.K. and 800shoes.com. The hacker stepped up his blitz by defacing dot-mil and dot-gov sites with screeds accusing the government of trying to kill Napster. On the U.S. Army, U.S. Navy and other victimized sites, Pimpshiz wrote: "Awww . . . come on . . . why did you have to go and take sides with the [Recording Industry Association of America]. Now look what you did. Is the military really this insecure?"
Lyttle emerged from anonymity last month when he blew his cover in e-mails to reporters. In a phone interview, he told Interactive Week he is willing to lose everything to make his point about Napsters legal woes  but curiously, he isnt a big music fan or even a Napster user.
Federal authorities had already suspected him. They raided his home on Dec. 18, after tracing the America Online alias he posted on some vandalized sites. FBI, NASA and Defense Department agents seized computers, a Palm handheld and a DVD player from his mothers apartment, along with five years worth of his source code.
The suspect was not home  his sister answered the door  but he was picked up by officers at a friends house. A Contra Costa County, Calif., investigator and a Defense Department agent quizzed him for an hour about the defacements and also alleged credit-card fraud, but released him.
The interrogators had phone logs and "knew who my childhood friends were," the teen says. One agent "was pretty pissed" and refused to identify himself, Lyttle claims, for fear of "digital murder" by the teens hacker pals.
Lyttle cannot be charged as an adult, which rules out a federal indictment. Instead, the county expects to prosecute the juvenile after getting results in a few weeks from the FBI forensic examination of his computers. Hamstrung by light penalties for youths convicted of computer crimes, Assistant District Attorney Dodie Katague says he plans to seek the maximum penalty of nine years in juvenile detention.
"We certainly want to make him a ward of the court and get him under supervision," Katague says. "One of the terms would be [that] he doesnt get to touch a computer until hes 26."
Lyttle knew last year that he was bound to be collared, but he didnt seem to care. In e-mails, he wrote that he would stand on principle and confess if caught  but he also warned of a torrential "after attack."
"Be aware that there will be a huge chain reaction/aftermath when I get arrested," Lyttle told this reporter then. But only one attack, mirrored on security site Alldas.de, has been recorded since the FBI raid.
He says he never expected G-men to catch him. "I was surprised, since I quit and all that," he says, insisting his hacking activities ended with a slew of Halloween defacements.
Despite his confession, Lyttle hasnt revealed the exploit he says he used to infiltrate Web sites. Katague says the teens silence on this point has infuriated investigators. The teen-ager unapologetically says he wont reveal it: "I might have some uses for it later on."
In e-mails last summer, the cracker says he exploited a vulnerability in Microsofts Internet Information Server 4.0 and 5.0. Analysts say his incomplete explanation referred to known bugs in Windows NT. Microsoft representatives would not comment on Lyttles claims since the exploit he allegedly used is still a mystery. The cracker claimed he also penetrated other servers; postings on Alldas.de indicates he hit servers running Linux and Unix.
Investigators are suspicious, however, of the teens bragging and his apparent indifference about looming criminal charges.
"Hes doing it for the publicity, and I guess he thinks that having an arrest and a conviction will be a resume builder for him and hell get a better job," Katague says. "Thats his warped moral sense."
Lyttle admits hes looking for a job now, but denies it was all just a stunt to boost his career as a programmer. He really doesnt care what investigators think of him. "Its not like Im fighting to try to get the FBI to like me," he says.